mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-23 16:13:18 +01:00
Make tcrules console-friendly again; finish work in tcclasses
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3461 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
5caaeb3af2
commit
a03a65e770
@ -93,25 +93,27 @@
|
||||
#
|
||||
# tos=0x<value>[/0x<mask>] (mask defaults to 0xff)
|
||||
# - this lets you define a classifier
|
||||
# for the given <value>/<mask> combination
|
||||
# of the IP packet's TOS/Precedence/DiffSrv
|
||||
# octet (aka the TOS byte). Please note,
|
||||
# classifiers override all mark settings,
|
||||
# so if you define a classifer for a class,
|
||||
# all traffic having that mark will go in it
|
||||
# regardless of any mark set on the packet
|
||||
# by a firewall/mangle filter.
|
||||
# for the given <value>/<mask>
|
||||
# combination of the IP packet's
|
||||
# TOS/Precedence/DiffSrv octet (aka the
|
||||
# TOS byte). Please note, classifiers
|
||||
# override all mark settings, so if you
|
||||
# define a classifer for a class, all
|
||||
# traffic having that mark will go in it
|
||||
# regardless of any mark set on the
|
||||
# packet by a firewall/mangle filter.
|
||||
#
|
||||
# NOTE: multiple tos= statements may be
|
||||
# applied per class and per interface, but
|
||||
# a given value/mask pair is valid for only
|
||||
# ONE class per interface.
|
||||
# applied per class and per interface,
|
||||
# but a given value/mask pair is valid
|
||||
# for only ONE class per interface.
|
||||
#
|
||||
# tos-<tosname> - aliases for the following TOS octet
|
||||
# value and mask encodings. TOS encodings
|
||||
# of the "TOS byte" have been deprecated in
|
||||
# favor of diffserve classes, but programs
|
||||
# like ssh, rlogin, and ftp still use them.
|
||||
# value and mask encodings. TOS
|
||||
# encodings of the "TOS byte" have been
|
||||
# deprecated in favor of diffserve
|
||||
# classes, but programs like ssh,
|
||||
# rlogin, and ftp still use them.
|
||||
#
|
||||
# tos-minimize-delay 0x10/0x10
|
||||
# tos-maximize-throughput 0x08/0x08
|
||||
@ -142,27 +144,30 @@
|
||||
#
|
||||
#
|
||||
# Example 1: Suppose you are using PPP over Ethernet (DSL)
|
||||
# and ppp0 is the interface for this. You have 4 classes here,
|
||||
# the first you can use for voice over IP traffic,
|
||||
# the second interactive traffic (e.g. ssh/telnet but not scp),
|
||||
# the third will be for all unclassified traffic, and the
|
||||
# forth is for low priority traffic (e.g. peer-to-peer).
|
||||
# and ppp0 is the interface for this. You have 4 classes
|
||||
# here, the first you can use for voice over IP
|
||||
# traffic, the second interactive traffic (e.g.
|
||||
# ssh/telnet but not scp), the third will be for all
|
||||
# unclassified traffic, and the forth is for low
|
||||
# priority traffic (e.g. peer-to-peer).
|
||||
#
|
||||
# The voice traffic in the first class will be guaranteed
|
||||
# a minimum of 100kbps and always be serviced first (because
|
||||
# of the low priority number, giving less delay) and will be
|
||||
# granted excess bandwidth (up to 180kbps, the class ceiling)
|
||||
# first, before any other traffic. A single VOIP stream,
|
||||
# depending upon codecs, after encapsulation, can take up to
|
||||
# 80kbps on a PPOE/DSL link, so we pad a little bit just in
|
||||
# case. (TOS byte values 0xb8 and 0x68 are DiffServ classes
|
||||
# EF and AFF3-1 respectively and are often used by VOIP
|
||||
# devices).
|
||||
# The voice traffic in the first class will be
|
||||
# guaranteed a minimum of 100kbps and always be
|
||||
# serviced first (because of the low priority number,
|
||||
# giving less delay) and will be granted excess
|
||||
# bandwidth (up to 180kbps, the class ceiling) first,
|
||||
# before any other traffic. A single VOIP stream,
|
||||
# depending upon codecs, after encapsulation, can take
|
||||
# up to 80kbps on a PPOE/DSL link, so we pad a little
|
||||
# bit just in case. (TOS byte values 0xb8 and 0x68
|
||||
# are DiffServ classes EF and AFF3-1 respectively and
|
||||
# are often used by VOIP devices).
|
||||
#
|
||||
# Interactive traffic (tos-minimum-delay) and TCP acks (and
|
||||
# ICMP echo traffic if you use the example in tcrules) and
|
||||
# any packet with a mark of 2 will be guaranteed 1/4 of the
|
||||
# link bandwidth, and may extend up to full speed of the link.
|
||||
# Interactive traffic (tos-minimum-delay) and
|
||||
# TCP acks (and ICMP echo traffic if you use the example
|
||||
# in tcrules) and any packet with a mark of 2 will be
|
||||
# guaranteed 1/4 of the link bandwidth, and may extend
|
||||
# up to full speed of the link.
|
||||
#
|
||||
# Unclassified traffic and packets marked as 3 will be
|
||||
# guaranteed 1/4th of the link bandwidth, and may extend
|
||||
@ -170,13 +175,13 @@
|
||||
#
|
||||
# Packets marked with 4 will be treated as low priority
|
||||
# packets. (The tcrules example marks p2p traffic as
|
||||
# such.) If the link is congested, they're only guaranteed
|
||||
# 1/8th of the speed, and even if the link is empty, can
|
||||
# only expand to 80% of link bandwidth just as a precaution
|
||||
# in case there are upstream queues we didn't account for.
|
||||
# This is the last class to get additional bandwidth and
|
||||
# the last to get serviced by the scheduler because of the
|
||||
# low priority.
|
||||
# such.) If the link is congested, they're only
|
||||
# guaranteed 1/8th of the speed, and even if the link is
|
||||
# empty, can only expand to 80% of link bandwidth just
|
||||
# as a precaution in case there are upstream queues we
|
||||
# didn't account for. This is the last class to get
|
||||
# additional bandwidth and the last to get serviced by
|
||||
# the scheduler because of the low priority.
|
||||
#
|
||||
# ppp0 1 100kbit 180kbit 1 tos=0x68/0xfc,tos=0xb8/0xfc
|
||||
# ppp0 2 full/4 full 2 tcp-ack,tos-minimize-delay
|
||||
|
Loading…
Reference in New Issue
Block a user